Thursday, September 6, 2012

I am delighted to announce that
Steven Chabinsky is joining the CrowdStrike team on September 10th, 2012. Steve most recently served in the
highest-ranking civilian (non-law enforcement officer) position in the FBI’s
Cyber Division. Steve will be assuming
the role of SVP of Legal Affairs and Chief Risk Officer (CRO) for
CrowdStrike. In this role, Steve will be
instrumental in addressing complex cyber security issues faced by our customers
as well as helping to manage privacy and risk matters for CrowdStrike. Steve is
leaving the FBI after a long and extremely distinguished career. He is excited to continue his vision for
changing the private sector’s cyber-security model to increasingly focus on
adversary deterrence, threat discovery, and threat mitigation. Steve will employ the same focus and passion at
CrowdStrike he has demonstrated repeatedly over a 17-year career at the FBI. Similar
to Shawn Henry, Steve is the second senior executive to join CrowdStrike after
a distinguished FBI service record.

Pushing The Envelope

For more than ten years, Steve
has helped shape and draft many of the most significant U.S. national cyber and
infrastructure protection strategies including the Homeland Security Act of
2002, the National Strategy to Secure Cyberspace of 2003 and, in 2008, National
Security Presidential Directive 54, which includes the Comprehensive National Cyber-security
Initiative (CNCI). As I have written in
prior blog posts, CrowdStrike is on a mission to fundamentally change the way
organizations think about security. We
are working night and day on some of the coolest technology I have personally
been involved in creating; however, technology alone is not going to solve all
of our collective security problems.
Pushing the envelope in “Offensive” security or “Active Defense” is the
next key step in our industry’s evolution.
What better person to help advance the full range of actions that can be
taken against cyber threat actors, without overstepping legal boundaries, than
the former top cyber attorney for the FBI?
In his new role, Steve will directly assist CrowdStrike’s Services and
Intelligence customers respond to the legal aspects of a breach and assist General
Counsels in evaluating all their legal options, including liaising with law
enforcement.

Sharing Intelligence Is Key

Steve is an expert on cyber law
and cyber intelligence and has testified numerous times in front of
Congress. He served as chief of the
FBI’s Cyber Intelligence Section where he organized and led the FBI’s analysis
and reporting on terrorism, foreign intelligence, and criminal matters with a
cyber threat nexus. In this capacity,
Steve also helped shape the public/private partnership of sharing critical
threat information by helping to develop InfraGard into a national
program. Today InfraGard is an
association of over 50,000 individuals across critical infrastructure sectors
in each of the 50 states who are dedicated to building trusted relationships
and sharing security information and intelligence, which is key in dealing with
targeted intrusions. Steve will play a
critical role for CrowdStrike in extending the successes he has achieved in the
government by helping to foster the trusted and actionable sharing of security
intelligence across targeted industry sectors.

Privacy and Risk

Steve will
oversee and manage CrowdStrike’s privacy and risk strategies as we evolve our
big data platform. In his new role,
Steve will report directly to me and advise the company on all cyber legal,
privacy, and reputational issues across the business from product development
to execution. Steve’s tremendous experience and knowledge while at the Bureau
in managing information sharing, compliance, and risk issues in a myriad of
cyber security areas makes him an ideal addition to our already stellar
team. Steve will also help navigate the
complex set of privacy laws that will allow CrowdStrike to offer the most
robust Intelligence and Consulting Services to our customers. This is really important to me because we are
currently assisting some of the world's largest organizations in
responding to sophisticated targeted intrusions that require a broad knowledge
of appropriate legal responses.

The Way Forward

I believe in Steve’s vision and
strategy to help CrowdStrike and its customers better protect themselves. Our mission is too important to ignore the
legal complexities of cyber security law and the legal responses companies can
take to raise the financial, organizational, reputational, and legal costs to
the adversary. I feel as if we are in
the early days of a cyber revolution where companies can choose to stop taking
daily body blows from determined adversaries and take aggressive action to deter
and create a hostile environment for the enemy inside their own networks. While there are no silver bullets or miracle
“security programs” that can fix all of the challenges we face, legal “Offensive”
security is the right way forward to flip the inherent asymmetry in cyberspace,
which currently favors the attacker, into the defender’s favor.

Thanks again for all of your
continued support and encouragement!

George

For daily
updates on our mission, you can follow me on Twitter@george_kurtz, and you
can follow CrowdStrike via Twitter @crowdstrike
.

Prior to joining CrowdStrike,
Steven Chabinsky served as Deputy Assistant Director and as the highest-ranking
civilian (non-law enforcement officer) position in the FBI's Cyber
Division. In that capacity he helped
oversee all FBI investigative strategies, intelligence analysis, policy
development, and major outreach efforts that focused on protecting the United
States from cyber attack, cyber espionage, online child exploitation, and
Internet fraud. For over ten years, Mr.
Chabinsky helped shape and draft many of the most significant US national cyber
and infrastructure protection strategies, to include the Homeland Security Act
of 2002, the National Strategy to Secure Cyberspace of 2003 and, in 2008,
National Security Presidential Directive 54, which includes the Comprehensive
National Cybersecurity Initiative.
Between 2007 and 2009, Mr. Chabinsky served in the Office of the
Director of National Intelligence (ODNI) in various capacities, including
Acting Assistant Deputy Director of National Intelligence for Cyber, Chairman
of the National Cyber Study Group, and Director of the Joint Interagency Cyber
Task Force. In these roles, he led
national intelligence efforts to coordinate, monitor, and provide
recommendations to the President of the United States regarding implementation
of America’s cyber strategy. Prior to his ODNI tour, Mr. Chabinsky served as
chief of the FBI’s Cyber Intelligence Section where he organized and led the
FBI’s analysis and reporting on terrorism, foreign intelligence, and criminal
matters having a cyber threat nexus.

Mr. Chabinsky joined the FBI in
1995 as an attorney in the Office of the General Counsel where he initially
focused on employment law and personnel litigation. In 1998, Mr. Chabinsky was selected as the
Principal Legal Advisor to the multi-agency National Infrastructure Protection
Center (NIPC) and became Senior Counsel to the FBI's Cyber Division upon its
creation in 2002, during which time he rose in prominence as one of the
nation's foremost authorities in the complex areas of cyber law, surveillance
law, information sharing, and privacy.
Mr. Chabinsky played a prominent role in the national expansion of
InfraGard, a critical infrastructure partnership between the private sector,
academia, and government agencies. Mr.
Chabinsky helped develop InfraGard from an organization with roughly two
hundred unvetted members located in three cities into its current size of over
50,000 vetted members meeting in over 85 cities. Between 2002 and 2003, Mr. Chabinsky also
served in the White House Transition Planning Office for the creation of the
Department of Homeland Security, overseeing all legal issues associated with
standing up DHS' Information Analysis and Infrastructure Protection
Directorate.

Prior to joining the FBI, Mr.
Chabinsky worked as an associate attorney in the law firm of Simpson Thacher
& Bartlett in New York City practicing complex litigation including
insurance and reinsurance contract disputes, class action product liability,
and internal investigations. Mr.
Chabinsky clerked for the Honorable Judge Dennis G. Jacobs (now Chief Judge) of
the United States Court of Appeals for the Second Circuit and holds his
undergraduate and law degrees, both with honors, from Duke University. He has testified before the House and Senate,
and is a frequent keynote speaker and guest lecturer. His ideas have been featured in print news
media, he has appeared on radio and television, and he is the author of the
article "Cybersecurity Strategy: A
Primer for Policy Makers and Those on the Front Line," published in the
peer-reviewed Journal of National Security Law and Policy. He is the recipient of numerous awards and
recognitions, including the National Security Agency's bronze medallion for
inspired leadership, the ODNI's bronze medallion for Collection, and the Rank
Award of Meritorious Executive conferred by the President of the United States
for unwavering leadership and sustained extraordinary performance. In August 2012, Mr. Chabinsky was selected as
one of Security magazine's "Most Influential People in Security."

Thursday, August 16, 2012

Summer time in the internet security community tends to be hot and busy, and this summer has been no exception for many of us! It was great to see many of you at Black Hat in Las Vegas recently as my new company CrowdStrike continues to attract worldwide interest and is blossoming daily. We really appreciate everyone’s support and interest in our mission. However, this blog is not about CrowdStrike, it is about continuing the tradition of helping to educate and connect with the security community. It is with great pleasure that I announce the release of the seventh edition of Hacking Exposed: Network Security Secrets & Solutions.

A lot has changed since the first edition of the Hacking Exposed series was written in 1999. Besides having a little bit more hair than I have today, it was a time before the term targeted attacks even existed. Persistence was a novelty, and a virus wrecked your computer rather than sucking out billions of dollars of intellectual property from your company. The attacks were numerous and varied, and there was a much smaller pool of attackers coming at your digital defenses. It was before Metasploit even existed, and netcat and Back Orifice were the best Remote Access Tools (RATs) around. Fast forward 12 years and we live in the age of the constant cyber adversary. If you step back and really analyze the current environment, the adversary’s tools and techniques have not really evolved all that much. Netcat, once the Swiss army knife of the skilled pen tester, has been replaced with Poison Ivy. Pass the hash is now automated, and lateral movement within a network looks like a carbon copy of Chapter 4 – Hacking Windows.

So as the seventh edition of Hacking Exposed hits the shelves this summer, our new daily reality is that targeted attackers are attempting to rain on your picnic at the beach by attempting to kick digital sand in your face. Hacking Exposed was designed to provide that extra confidence builder that every good guy needs to help understand how to fight the cyber bully attempting to plant a flag on your digital beachfront. The increase in stories over the last three years alone about the wholesale loss of intellectual property is startling. As our own Shawn Henry, President of CrowdStrike Services says – “It is time to stop taking punches, and let's change the game. It’s time for a major shift in the way we secure our networks, and Hacking Exposed 7 can help you return the pain to your cyber adversary.” More than ever there seems to be a growing and unified agreement in the security community that today’s information security teams absolutely must have an inside track on the ways to beat the adversary and change the game.So What’s New In the 7th edition?We spent many late nights making sure the series is armed with the latest cutting edge information. We updated each chapter to get rid of the old and focus on the new. Some of the new items include:

Addressing Targeted Attacks– also known in some circles as Advanced Persistent Threats (APT).

Embedded Hacking– a topic near and dear to my heart. This section includes techniques used to strip circuit boards of all its chips and reverse engineer them.

Database Hacking– We added an entire section on hacking and protecting your most precious commodity – data. Hey, it is all about the data, right?

Mobile Hacking– We dedicated an entire chapter to mobile hacking, which couldn’t be more timely in today’s ever connected society.

Lastly, we have created a new website to help accompany the latest release of the book:www.hackingexposed7.com. Along with the new website, we have geared up our CrowdStrike team to provide quarterly webinars with exciting topics that are relevant to the community of security professionals we serve. The first webinar hosted by CrowdStrike will be on Wednesday, September 12th from 11am PT/ 2pm ET and will be a one hour format titled Hacking Exposed: Mobile Targeted ThreatsThe Next Wave of Attack. This session will focus on mobile threats that have been observed in the wild and the next wave of threat actors. It will conclude with a demo of a seamless targeted attack against an Android ICS device. I hope you can join Georg Wicherski and myself for this informative webinar. Georg is one of THE top mobile security researchers in our space. You may be familiar with his work if you attended Charlie Miller's recent Black Hat talk.I am looking forward to continuing both doing Hacking Exposed Live seminars and giving live Webcasts that focus on timely and relevant information. I will leave you with a quote from a good friend of mine, Patrick Heim, CISO of Salesforce.com – “I once heard an avid video gamer say, ‘If you are not moving, you’re dead!’ Use this book to move your security game and stay alive.” That exact sentiment conveys the pride I feel being involved with the Hacking Exposed series and giving back to the community so that you can “change your game” and live to fight another day!A big thanks to all the contributing authors who helped make this the best Hacking Exposed yet!For daily updates, you can follow me on Twitter @george_kurtz.To join our Hacking Exposed 7 mailing list and receive updates on the latest webinars, please sign up directly at www.hackingexposed7.com website.

Monday, May 7, 2012

One of the things that I have learned during my time working for large and small companies is the need
to have the right leadership at all levels of your operation. I have seen first hand the value a powerful
Board of Directors (BOD) can bring to an organization and the long-term impact
on shareholder value they can have.
Today, I am delighted to announce that GerhardWatzinger
and DenisO’Leary have joined the BOD of CrowdStrike, in
addition to our main investor PatrickSeverson from Warburg Pincus. Gerhard will be assuming the role of
non-executive Chairman of the Board.

From October 2007 - March of
2012, Gerhard Watzinger served as the Chief Strategy Officer and Executive Vice
President at McAfee, where he was responsible for guiding McAfee's global
business strategy and development.
Gerhard helped accelerate the international expansion of McAfee and
directed the company through numerous successful mergers and acquisitions,
which resulted in record revenue growth and increased market share. His most notable accomplishment was directly
architecting the sale of McAfee to Intel for almost 8 billion dollars, which is
one of the largest technology deals in the history of IT. Gerhard and I arrived on similar paths, and
joined McAfee via acquisition. Gerhard
was the CEO of SafeBoot, a leading enterprise security software vendor for data
encryption and user authentication, which was acquired in 2007 right before
they were about to go public. I can’t
tell you how excited I am to be collaborating with Gerhard again. He has vast
experience in helping to build, run, and scale large and small companies. Given his extensive international background,
he has the most global experience of any executive I have had the privilege of
working with in my career. I know he is
superbly suited and equally excited to provide the necessary strategic guidance
on the roadmap and evolution of CrowdStrike via a combination of organic and
inorganic growth models. Gerhard is one
of the rare gems in the business world that possesses a combination of ruthless
tactical execution and visionary strategic planning skills. Frankly, he was one of the main reasons
McAfee was so successful over the past few years.

Denis O’Leary,
is presently managing partner of Encore Financial Partners, Inc., a firm
focused on the acquisition and management of U.S. based banks. Previously he spent twenty five years at J.P.
Morgan Chase & Co, and served as the Chief Information Officer (CIO),
Director of Finance, Head of Retail Branch Banking, and Managing Executive of
Lab Morgan (a unit focused on strategic equity investing in technology),
becoming a member of the company’s nine - person executive committee when it
was established in 1997. Prior to the
acquisition by Intel, Denis most recently served on the Board of Directors of
McAfee where I had the privilege to work with him. As an experienced CIO who was in charge of
running one of the largest IT shops on the planet, his experience is
invaluable in helping guide us on delivering technology and services that meet
the needs of the most demanding enterprises.
Moreover, his experience as a public company board member at both
Fiserve and McAfee will aid in growing the company both domestically and
internationally. Most startups at this
stage of our life cycle don’t have the opportunity to attract individuals who
serve on public company boards, but when I approached Denis about our vision,
he immediately saw the opportunity to build a transformational security company.

The addition of these two individuals to our team
provides CrowdStrike with amazing depth in the boardroom. Gerhard and Denis
have stellar credentials; however, what is most impressive is that they each
share a common vision, mission, and purpose for CrowdStrike. Each of these leaders bear time tested battle
scars that will help us adjust and sharpen our roadmap to address today’s
security challenges. Like me, they too
share a common vision for creating a company focused on bucking the status quo. More importantly, they are the “A team” that will
continue to help us attract “A players” from around the globe. Things just got a little more interesting...

I also want to thank everyone who has reached out to
us and inquired about joining CrowdStrike; it has been truly humbling and awe
inspiring. We continue to seek out world-class
programmers, designers, incident response consultants, malware researchers, and
intelligence analysts who have strong skills and experience. If you think your experience matches up,
please send your resume to mission@crowdstrike.com. Keep up the
good fight!

Tuesday, April 17, 2012

In my previouspost I announced the launch of CrowdStrike - my new security company. Utilizing Big-Data technologies we are focused on helping enterprises and governments protect their most sensitive intellectual property from targeted intrusions. Today I am proud and honored to announce that Shawn Henry has joined CrowdStrike as the President of our newly formed professional services subsidiary – CrowdStrike Services, Inc. Shawn was the Executive Assistant Director of the Criminal, Cyber, Response, and Service Branch of the FBI. Shawn recently retired at the end of March of this year and he decided to start a new chapter in his already honorable service career. While at the FBI, he was responsible for all criminal and cyber investigations worldwide, as well as international operations, and critical incident response. Because of Shawn's work, and for his leadership position in enhancing the FBI’s cyber capabilities, he received the Presidential Rank Award for Meritorious Executive in 2009. While Shawn has spent his whole adult life with the FBI, in the last two years in particular, he has seen an incredible increase in persistence and determination from nation state actors attempting to steal intellectual property from many of our largest corporations and government institutions.

When Shawn announced his retirement and his move into the private sector, there was wide speculation about where he would land because of his long-term service with the bureau and his continued day-to-day mission in chasing down and apprehending the adversary. Shawn had many compelling offers and a wide array of noble positions to consider upon retirement from the bureau. CrowdStrike is honored to have him on our team and we know that Shawn is solidly behind our important mission. We have spent months looking for the right person to run our services organization, and bar none he is the absolute best candidate because of his leadership, integrity, and passion.

Shawn has seen first hand the devastation from a multitude of adversaries across many sectors and knows what needs to be done. Like Shawn, I know there are too many national policy issues to solve and that in many cases the “free market” can address the complex adversary problem far better than the government alone. Collectively we share the same view that industry can’t rely on the government alone to address the problem of targeted intrusions. At CrowdStrike we do not mince our words about our abilities to use our advanced intelligence technology to bring the fight to the front door of the adversary, increase their cost of operations, and assist our customers in responding to and mitigating targeted attacks and intrusions. As the adversary adjusts and realigns their tactics on a daily basis, we also strive to stay a step ahead of them. We are relentlessly focused on addressing the threat and continually update our playbook to enhance not only our own strategy but to also enhance the existing capabilities that are currently in play with our collective customers.

The formal creation of the Services arm now sets in stone the last gem of our “Triple Crown” and lays the foundation to further assist our customers with our complete offering. Our Services division, lead by Shawn, will be staffed with security practitioners that come with an unmatched pedigree of experience in information security and professional services delivery know-how. Our Intelligence team led by Adam Meyers will be the glue that binds our Services and Technology offerings led by Dmitri Alperovitch, Founder and CTO. Our offerings will provide an unparalleled strategic intelligence advantage over the adversary and will enable our customers to eventually encompass high-order attribution characteristics that easily rival the best collective intelligence agencies of the 21st century.

Thus, while we currently have our team focused on creating cutting edge technology to address the problem, we must build out a world-class services organization to immediately focus our professionals in helping organizations respond to the incidents that are bludgeoning them on a daily basis while providing the base compound to our intellectual “glue”. Our initial service offerings are focused on the following:

Enterprise Adversary & Malware Assessment

Identify unknown compromised systems and data exfiltration channels, determine attribution and motivation of the intruders, along with providing cyber counterintelligence strategies to respond to future intrusions

Incident Response Services

On demand based retainer service designed to empower enterprises with experienced and professional tactical response teams

Response and Recovery

Triage based service designed for enterprises to contain and recover from specific malware incidents or targeted intrusions

We are already engaged performing services for some of the world's largest companies and helping their teams respond to sophisticated targeted intrusions. What truly differentiates us from others is our ability to identify the adversary, their motivation, and their various tactics, techniques, and procedures. While the malware they use may change, their tradecraft is remarkably static.

Our goal is to build a team where we can instill confidence in our customers and provide leading edge analysis. CrowdStrike Services is staffed with security practitioners with broad years of experience in information security and professional services delivery. Currently, we are in the process of hiring additional consultants that have deep technical experience with computer malware threats, reverse engineering, and forensic investigation of networks in various areas like the financial, government, military, telecommunications, and industrial sectors. Shawn will be responsible for growing our services division into a global powerhouse with a laser focus on response, incident management, and incident prevention. Similar to what I created and built with our services organization at Foundstone, our goal is to be the absolute best in the industry, and we will be relentless in our execution of this goal. If you are interested in joining CrowdStrike Services and working with an exemplary team, please submit your resume to mission@crowdstrike.com. If your organization has the need for incident response and forensic services and you are tired of dealing with the attitude of the “old-guard,” please email us at services@crowdstrike.com. We will get back to you immediately.

To hear from Shawn directly please click here to visit his blog post and video.

Thanks again to all of you for all your support and encouragement that has poured in since our announcement in February, we truly appreciate it. If you would like to keep up with the latest news onCrowdStrike please follow us on Twitter @crowdstrike.

Wednesday, February 22, 2012

As I mentioned in a previous post, I was delighted to announce that I had joined Warburg Pincus,
a leading global private equity firm focused on growth investing, as an
Executive in Residence. So far my time as an EIR at Warburg has been
fantastic. The past few months have exposed me to many new companies and
technologies that really got my creative juices flowing and pushed me
to get back into the start-up game with Warburg Pincus as my partner.

Today, I am proud to announce the stealth-mode launch of my newest venture that I co-founded with Dmitri Alperovitch (CTO) and Gregg Marston (CFO)
– CrowdStrike. CrowdStrike is a security technology company focused on
helping enterprises and governments protect their most sensitive
intellectual property and national security information. Utilizing
Big-Data technologies, CrowdStrike is developing a new and innovative
approach to solving today’s most demanding cyber-security challenges.
CrowdStrike’s core mission is to fundamentally change how organizations
implement and manage security in their environment.

Why CrowdStrike:

The seemingly daily barrage of disclosures about companies that have had
their crown jewels stolen in recent years reinforced a key principle
for us – these companies don’t have a malware problem, they have an adversary problem. Many
just don’t know it. Today’s attacks are sophisticated, targeted, and
long ranging in scope. Unfortunately, almost every security solution
focuses on the tens of thousands of pieces of malware, exploits, and
vulnerabilities that are seen in the wild every day. Yet, those are just
the interchangeable and, in many cases, disposable tools that the
adversaries use to achieve their ultimate objective – theft of
intellectual property, trade secrets, and other business proprietary
information.

As many of you know the security industry is building “Maginot-line”
style of defenses – attempting to prevent all adversaries from getting
inside the perimeter of the network or host system. More importantly, a
well-financed, trained, and highly determined attacker will always get
in. More than likely, they are already in. There is no silver bullet
that will stop a determined adversary, so while the security industry
attempts to build bigger fences, the enemy is bringing higher ladders to
the fight. Moreover, the industry continues to focus on the malware or
exploits which is akin to focusing on the gun as opposed to the shooter
committing the crime. The person or organization pulling the trigger (or
deploying the malware) is the one that you ultimately need to focus on.
The type of gun or ammunition they may be using is interesting, but in
most cases not strategically relevant.

Based upon investigations we have led, such as Operation Aurora, Night Dragon, and Shady RAT,
and knowing the limitations of existing technologies, we are horrified
at the amount of IP being stolen and financial damage inflicted every
day. It is evident that we are dealing with economic predators who are
systematically destroying value in countries around the world. Even
worse, we may very well see the enemy engage in destructive and
disruptive attacks designed to take down critical infrastructure or
modify key processes and data in a covert undetectable fashion.

The Missing Link: Attribution & Raising the Costs to the Adversary

Attribution is the key strategic piece missing from all existing
security technologies – providing the answer to the “who?” vs. the
“what?” Knowing who is after your IP is critical in determining what
assets you want to protect and how. Protecting everything is impossible –
you may as well be protecting nothing. However, knowing the enemy is
the first step in the process of determining the priority of allocation
of scarce resources to defend the key assets and tailoring your response
to the Tactics, Techniques and Procedures (TTPs) of the adversary.
Knowing their capabilities, objectives, and the way they go about
executing on them is the missing piece of the puzzle in today’s
defensive security technologies. The key to success is raising
adversary’s costs to exceed the value of the data they may be trying to
exfiltrate and the only way to accomplish that is by forcing them to
change the way they conduct the human-led parts of their intrusions,
such as reconnaissance, lateral movement, identification of valuable
assets, and exfiltration. Other parts of the operation, such as
vulnerability weaponization, malware delivery, and command and control
can be mass-produced and changed at will with little cost. However,
attackers are creatures of habit and while they are fast to change their
weapons, they are slow to change their methods. By
identifying the adversary and revealing their unique TTPs (i.e. modus
operandi), we can hit them where it counts – at the human-dependent and
not easily scalable parts of their operations.

The CrowdStrike Mission:

As the President and CEO of CrowdStrike, one of the most exciting
aspects of this new venture for me is assembling a “dream team” of
security visionaries to address this important mission and challenge.
Our team is comprised of people who are “big thinkers” that have the
technical prowess to execute and carry out our mission goals without the
encumbrances that face legacy security solutions. Our team of
visionaries are the rebels who believe the current state of security is
fundamentally broken and want to do something about it. More
importantly, these are the patriots who are tired of seeing our
intellectual property and competitive advantage wiped away under the
thinly veiled cover of an Internet address. The recent stories
surrounding Nortel provide a shinning example of how the adversaries can
embed themselves into a multi-national organization for the better part
of a decade without detection while systematically accessing their most
coveted intellectual property. If we sit back idly and do nothing about
these types of attacks, we certainly face a crisis of epic proportions
and economic consequences that we have yet to fully comprehend.
CrowdStrike does not accept the status quo, and we intend to do
something about it. If you share our passion and vision about this
crisis, and believe you have what it takes to join our fight then please
send an email to mission@crowdstrike.com.
We are looking for kick ass coders, consultants, and experts who like
us have been fighting and responding to nation-state targeted
intrusions.

I will leave you with one final thought. The ancient Chinese military
strategist Sun Tzu in his teachings emphasized the need to “know your
enemy”. For if “you know your enemy and know yourself,” he wrote, “you
need not fear the result of a hundred battles.” Isn’t it time we apply
these simple time honored lessons in the cyber security battlefield of
the twenty-first century?